Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution (revslider) plugin prior to 4.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
Themepunch Slider Revolution
2 EDB exploits
4.3
CVSSv2
CVE-2007-5112
Cross-site scripting (XSS) vulnerability in session.cgi (aka the login page) in Google Urchin 5 5.7.03 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the query string, a different vulnerability than CVE-2007-4713. NOTE: this can be ...
Roi Revolution Urchin
1 EDB exploit
3.5
CVSSv2
CVE-2017-1000223
A stored web content injection vulnerability (WCI, a.k.a XSS) is present in MODX Revolution CMS version 2.5.6 and previous versions. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims...
Modx Modx Revolution
7.5
CVSSv2
CVE-2015-1400
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote malicious users to execute arbitrary SQL commands via the query parameter.
Npds Revolution 13.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-4838
Multiple buffer overflows in CellFactor Revolution 1.03 and previous versions allow remote malicious users to execute arbitrary code via a long string in a (1) 0x21, (2) 0x22, or (3) 0x23 packet.
Immersion Games Cellfactor Revolution
1 EDB exploit
3.5
CVSSv2
CVE-2018-17556
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
Modx Modx Revolution 2.6.5
3.5
CVSSv2
CVE-2018-10382
MODX Revolution 2.6.3 has XSS.
Modx Modx Revolution 2.6.3
NA
CVE-2023-28622
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
Tridenttechnolabs Easy Slider Revolution
2.6
CVSSv2
CVE-2010-4883
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote malicious users to inject arbitrary web script or HTML via the modhash parameter.
Modx Revolution 2.0.2-pl
1 EDB exploit
10
CVSSv2
CVE-2010-5310
The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires...
Gehealthcare Revolution Xq\\/i
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »